RFR: 8073061: (fs) Files.copy(foo, bar, REPLACE_EXISTING) deletes bar even if foo is not readable [v2]
Brian Burkhalter
bpb at openjdk.org
Thu Aug 31 21:12:11 UTC 2023
On Thu, 31 Aug 2023 19:34:14 GMT, Alan Bateman <alanb at openjdk.org> wrote:
>> Brian Burkhalter has updated the pull request incrementally with one additional commit since the last revision:
>>
>> 8073061: Check file system access only for move; add move sub-test
>
> src/java.base/unix/classes/sun/nio/fs/UnixFileSystem.java line 919:
>
>> 917: } else if (!sourceAttrs.isSymbolicLink() || flags.followLinks) {
>> 918: // Ensure source can be read
>> 919: provider.checkAccess(source, AccessMode.READ);
>
> I don't think this will work with a SM set as that will trigger a check that the SM will allow read before it checks if there is read access at the file system level (move is specified to check the SM for write access to both source and target).
I modified it in f09b468031ad542ba11e491a8091ea96a12d311d only to verify that the source has write access at the file system level.
I think that checkRead(), however, should be called if the move is effected as a copy + delete instead of as a rename. In this case, move() calls copyFile() which does not check with the SM that there is permission to read the source. In copy(), checkRead() is called before copyFile() is invoked.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/15501#discussion_r1312248299
More information about the nio-dev
mailing list